PT-2023-13528 · Intel · Intel Nuc Pro Board+15

Yngweijw

·

Published

2023-05-10

·

Updated

2023-05-22

·

CVE-2022-37327

CVSS v3.1

6.1

Medium

VectorAV:L/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:N
Name of the Vulnerable Software and Affected Versions Intel(R) NUC (affected versions not specified) Intel(R) NUC Performance Kit (affected versions not specified) Intel(R) NUC Performance Mini PC (affected versions not specified) Intel(R) NUC 8 Compute Element (affected versions not specified) Intel(R) NUC Pro Kit (affected versions not specified) Intel(R) NUC Pro Board (affected versions not specified) Intel(R) NUC 11 Compute Element (affected versions not specified) Intel(R) NUC 12 Compute Element (affected versions not specified) Intel(R) NUC Extreme (affected versions not specified) Intel(R) NUC 12 Extreme Compute Element (affected versions not specified) Intel(R) NUC Laptop Kit (affected versions not specified) Intel(R) NUC Enthusiast (affected versions not specified) Intel(R) NUC Essential (affected versions not specified) Intel(R) NUC Boards (affected versions not specified) Intel(R) NUC Pro Compute Element (affected versions not specified) Intel(R) NUC Rugged (affected versions not specified)
Description The issue is related to improper input validation in the BIOS firmware, which may allow a privileged user to enable information disclosure via local access.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2022-37327

Affected Products

Intel Nuc
Intel Nuc 11 Compute Element
Intel Nuc 12 Compute Element
Intel Nuc 12 Extreme Compute Element
Intel Nuc 8 Compute Element
Intel Nuc Boards
Intel Nuc Enthusiast
Intel Nuc Essential
Intel Nuc Extreme
Intel Nuc Laptop Kits
Intel Nuc Performance Kit
Intel Nuc Performance Mini Pc
Intel Nuc Pro Board
Intel Nuc Pro Compute Element
Intel Nuc Pro Kit
Intel Nuc Rugged